Investigation into Sensitive Permissions of Popular Airline Apps: Cybernews Research

Cybernews research has uncovered concerning findings about popular airline apps and their access to sensitive data on travelers’ devices. With the increasing reliance on airline apps for check-ins, ticketing, and booking services, the potential privacy risks and cybersecurity threats are becoming more apparent.

Recent incidents, such as the ransomware attack on AirAsia in 2022, where data of over five million passengers and employees was stolen, highlight the vulnerabilities in airline app security. The National Cyber Security Agency in Malaysia is currently investigating another breach claim on AirAsia by a threat actor.

To shed light on the data collection practices of airline apps, Cybernews conducted an investigation into 14 popular aviation apps. The research revealed that many of these apps have access to sensitive information on users’ devices, including location, camera, storage, phone state, microphone, contacts, accounts, messages, and calls.

While some airlines disclosed the data they collect and the reasons for it, others did not provide clear information on their data collection practices. This lack of transparency raises concerns about user privacy and data security.

Cybernews advises users to review app permissions carefully before granting access and to be cautious about apps that request unnecessary permissions. By staying informed and vigilant, users can protect their data and ensure a safer digital experience while using airline apps.